Vulnerability Details CVE-2008-2680
Multiple cross-site scripting (XSS) vulnerabilities in _db/compact.asp in Realm CMS 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) CmpctedDB and (2) Boyut parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.6%
CVSS Severity
CVSS v2 Score 4.3
References
- http://bugreport.ir/index.php?/40
- http://secunia.com/advisories/30583
- http://www.securityfocus.com/bid/29616
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42953
- https://www.exploit-db.com/exploits/5766
- http://bugreport.ir/index.php?/40
- http://secunia.com/advisories/30583
- http://www.securityfocus.com/bid/29616
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42953
- https://www.exploit-db.com/exploits/5766
Products affected by CVE-2008-2680
-
cpe:2.3:a:realm_project:realm_cms:*